1. A method for dynamically configuring a tunnel comprising: 
initiating, by a first peer, a negotiation with a second peer; 
sending, by the second peer, information to the first peer; 

extracting, by the first peer, a security configuration from the information sent by the 
second peer; and 

establishing, using the security configuration, a tunnel between the first peer and the 
second peer. 

2. The method of claim 1, wherein the negotiation utilizes the configuration mode 
exchange extension of the IPSec protocol. 

3. The method of claim 1, wherein the establishing a tunnel includes conducting a 
phase2 negotiation in the IPSec protocol. 

4. The method of claim 1, further comprising initiating, by the first peer, a 
preliminary negotiation with the second peer. 

5. The method of claim 4, wherein the initiating a preliminary negotiation includes 
conducting a phase 1 negotiation in the IPSec protocol. 



6. A method for dynamically configuring a tunnel comprising: 
initiating, by a first peer, a negotiation with a second peer; 
extracting, by the first peer, a security configuration from information sent by the 
second peer; and 

establishing, using the security configuration, a tunnel between the first peer and the 
second peer. 



7. The method of claim 6, wherein the tunnel is an IPSec tunnel. 

8. The method of claim 6, wherein the negotiation utilizes the configuration mode 
exchange extension of the IPSec protocol. 

9. The method of claim 6, wherein the initiating comprises requesting, by the first 
peer, that the second peer send information, the information including policy information to 
define a subsequent negotiation between the first peer and the second peer. 

10. The method of claim 9, wherein the policy information defines one or more 
security associations. 



11. The method of claim 10, wherein the information sent by the second peer 
comprises sets of attributes, the attributes including security parameters and network 
addresses. 



12. The method of claim 6, wherein the establishing a tunnel comprises negotiating, 
by the first peer with the second peer, to generate a secure key. 
13. The method of claim 12, wherein the negotiating to generate a secure key 

a phase2 negotiation in the IPSec protocol. 



14. The method of claim 6, wherein the establishing a tunnel utilizes the quick mode 
exchange of the IPSec protocol. 

15. The method of claim 6, wherein the IP address of the second peer is accessible to 
the first peer. 

16. The method of claim 15, wherein a shared secret is stored on the first peer before 
the negotiation. 

17. The method of claim 6, further comprising initiating, by the first peer, a 
preliminary negotiation with the second peer, the initiating comprising offering, by the first 
peer to the second peer, at least one security proposal supported by the first peer. 

18. The method of claim 17, wherein the first peer orders offered security proposals 
in a transmission packet such that a more secure security proposal is offered before a less 
secure proposal. 

19. The method of claim 17, wherein the preliminary negotiation utilizes the base 
mode exchange extension of the IPSec protocol. 



20. The method of claim 17, wherein the initiating a preliminary negotiation further 
comprises sending, by the first peer to the second peer, the identity of the first peer. 
21. The method of claim 17, wherein the initiating a preliminary negotiation includes 
conducting a phase 1 negotiation in the IPSec protocol. 

22. The method of claim 17, wherein the preliminary negotiation utilizes one of main 
mode and aggressive mode of the IPSec protocol. 

23. A method for dynamically configuring a tunnel comprising: 

sending, by a second peer, information to a first peer that initiated a negotiation with 
the second peer, the information including a security configuration intended to be extracted 
by the first peer; and 

establishing, using the security configuration, a tunnel between the first peer and the 
second peer. 

24. The method of claim 23, wherein the information includes policy information 
defining one or more security associations. 

25. A system for dynamically configuring a tunnel comprising: 
a first peer; and 

a second peer configured to communicate with the first peer over a network 
connection, 

wherein the first peer is configured to initiate a negotiation with the second 
peer, 

the second peer is configured to send information to the first peer, 
the first peer is configured to extract a security configuration from the 
information sent by the second peer, and 

the first peer and the second peer are configured to establish a tunnel 
therebetween using the security configuration. 

26. The system of claim 25, wherein the tunnel is an IPSec tunnel. 

27. A computer-readable medium encoded with a plurality of processor-executable 
instruction sequences for: 

initiating, by a first peer, a negotiation with a second peer; 

extracting, by the first peer, a security configuration from information sent by the 
second peer; and 

establishing, using the security configuration, a tunnel between the first peer and the 
second peer. 

28. The computer-readable medium of claim 27, wherein the negotiation comprises a 
request/reply negotiation, wherein the first peer requests that the second peer send the 
information, and the second peer replies to the request by sending the information to the first 
peer. 

29. A computer-readable medium encoded with a plurality of processor-executable 
instruction sequences for: 

sending, by a second peer, information to a first peer that initiated a negotiation with 
the second peer, the information including a security configuration intended to be extracted 
by the first peer; and 

establishing, using the security configuration, a tunnel between the first peer and the 
second peer. 



30. The computer-readable medium of claim 29, wherein the information includes 
sets of attributes, the attributes including security parameters and network addresses. 